There are many places where we multiply IntSize.width() * IntSize.height() * 4, so we should pull this into a utility method. I chose Color.h mostly because it's where "typedef unsigned RGBA32" lives.
Created attachment 292116 Patch v1
Comment on attachment 292116 Patch v1 View in context: https://bugs.webkit.org/attachment.cgi?id=292116&action=review > Source/WebCore/platform/graphics/Color.h:402 > +inline unsigned numBytesWithColor(const IntSize& size) > +{ > + Checked<unsigned> result = Checked<unsigned>(size.area()) * sizeof(RGBA32); > + return result.unsafeGet(); > +} I don't think this is a good place, and it encourages people to assume sizeof(pixel) == 4, but that might change. I think each image or buffer object should have a bytesSize() accessor.
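Review bot: In numBytesWithColor(), the Checked<unsigned> is constructed from the value size.area() has already returned, so only the multiplication by sizeof(RGBA32) is overflow-checked; if the width * height product inside area() can wrap, it does so before this check sees it. Consider building the product from checked width and height operands inside this function, or make the helper depend on a checked area() as proposed separately in this thread. The function also returns a plain unsigned via unsafeGet(), so callers cannot detect an overflow themselves; a short comment stating what happens on overflow, or returning the Checked<unsigned> itself, would make the contract explicit.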
Broke out PDFDocumentImage.cpp changes into: Bug 163757: Use IntSize::unclampedArea() in PDFDocumentImage::updateCachedImageIfNeeded()
Broke out use of checked arithmetic in IntSize::area() as: Bug 163762: IntSize::area() should use checked arithmetic
Moving to RESOLVED/WONTFIX since there probably needs to be more discussion here before a change is made, and I'm not an area expert.